
Microsoft Technology Licensing, LLC (20240297904). ORDERING SECURITY INCIDENTS USING ALERT DIVERSITY simplified abstract

From WikiPatents

ORDERING SECURITY INCIDENTS USING ALERT DIVERSITY

Organization Name

Microsoft Technology Licensing, LLC

Inventor(s)

Anna Swanson Bertiger of Seattle WA (US)

Michael Steven Flowers of Kent WA (US)

ORDERING SECURITY INCIDENTS USING ALERT DIVERSITY - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240297904 titled 'ORDERING SECURITY INCIDENTS USING ALERT DIVERSITY'.

The abstract of this patent application describes a method for ranking security incidents in a computer network based on a diversity metric computed from attribute values associated with security alerts.

  • The innovation involves determining attribute-specific sub-metrics for each security incident and combining them into an overall diversity metric.
  • The ranked list of security incidents can be used to generate outputs such as communicating with a security administrator or triggering automated mitigating actions.

Potential Applications:

  • Cybersecurity systems
  • Network monitoring tools
  • Incident response platforms

Problems Solved:

  • Prioritizing security incidents effectively
  • Enhancing incident response efficiency
  • Improving overall network security

Benefits:

  • Better identification of critical security threats
  • Faster response to potential breaches
  • Enhanced protection of sensitive data

Commercial Applications:

Title: "Enhanced Security Incident Ranking System for Network Monitoring"

This technology can be utilized by cybersecurity companies to offer more efficient and effective security incident management solutions. It can also be integrated into existing network monitoring tools to enhance threat detection capabilities.

Questions about the technology:

1. How does this innovation improve incident response in computer networks?
   - By ranking security incidents based on a diversity metric, it helps prioritize and address the most critical threats promptly.
2. What are the potential implications of this technology for network security?
   - This technology can significantly enhance the overall security posture of organizations by enabling proactive threat mitigation strategies.


Original Abstract Submitted

In a computer network monitored for security threats, security incidents corresponding to groups of mutually related security alerts may be ranked based on values of a diversity metric computed for each incident from attribute values of an attribute, or multiple attributes, associated with the security alerts. In some embodiments, values of attribute-specific sub-metrics are determined for each incident and combined, e.g., upon conversion to p-values, into respective values of the overall diversity metric. Based on the ranking, an output may be generated. For example, a ranked list of the security incidents (or a subset thereof) may be communicated to a security administrator, and/or may trigger an automated mitigating action.
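The following is an added example, not code from the patent application or from Microsoft, showing one way the ranking described in the abstract could be instantiated. The abstract does not name the sub-metric or the combining rule, so Shannon entropy per attribute, empirical p-values across incidents, and Fisher's method are assumptions, as are the attribute names and the constructed sample incidents.

```python
import math
from collections import Counter

# Constructed sample data: incident id -> alerts, each alert a dict of attribute values.
INCIDENTS = {
    "INC-1": [{"technique": "phishing", "host": "ws-01"}] * 4,
    "INC-2": [
        {"technique": "phishing", "host": "ws-01"},
        {"technique": "credential-access", "host": "ws-02"},
        {"technique": "lateral-movement", "host": "dc-01"},
        {"technique": "exfiltration", "host": "fs-01"},
    ],
    "INC-3": [
        {"technique": "phishing", "host": "ws-03"},
        {"technique": "phishing", "host": "ws-03"},
        {"technique": "credential-access", "host": "ws-03"},
        {"technique": "credential-access", "host": "ws-04"},
    ],
}

def entropy(values):
    """Assumed sub-metric: Shannon entropy (bits) of one attribute within an incident."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def empirical_p(score, population):
    """Share of incidents whose sub-metric is at least `score` (small = unusually diverse)."""
    return sum(s >= score for s in population) / len(population)

def fisher_combine(pvals):
    """Assumed combiner: Fisher's method; chi-square tail with 2k d.o.f. in closed form."""
    half = -sum(math.log(p) for p in pvals)  # half of the Fisher statistic
    return math.exp(-half) * sum(half**j / math.factorial(j) for j in range(len(pvals)))

def rank_incidents(incidents, attributes):
    """Return incident ids ordered from most to least diverse (smallest combined p first)."""
    sub = {a: {i: entropy([al[a] for al in alerts]) for i, alerts in incidents.items()}
           for a in attributes}
    scored = []
    for i in incidents:
        pvals = [empirical_p(sub[a][i], list(sub[a].values())) for a in attributes]
        scored.append((fisher_combine(pvals), i))
    return [i for _, i in sorted(scored)]

if __name__ == "__main__":
    print(rank_incidents(INCIDENTS, ["technique", "host"]))
```

Fisher's method treats the per-attribute p-values as independent, which alert attributes within one incident often are not, so the combined value is best read as an ordering score rather than a calibrated probability.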
